apache tomcat 5.5.18 vulnerabilities and exploits

(subscribe to this query)

The doRead method in Apache Tomcat 4.1.32 up to and including 4.1.34 and 5.5.10 up to and including 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request.

Apache Tomcat 4.1.32 Apache Tomcat 4.1.33 Apache Tomcat 4.1.34 Apache Tomcat 5.5.10 Apache Tomcat 5.5.11 Apache Tomcat 5.5.12 Apache Tomcat 5.5.13 Apache Tomcat 5.5.14 Apache Tomcat 5.5.15 Apache Tomcat 5.5.16 Apache Tomcat 5.5.17 Apache Tomcat 5.5.18

The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 up to and including 5.5.25 and 6.0.0 up to and including 6.0.15 does not restrict certain permissions for web applications, which allows malicious users to modify logging configuration options and ov...

Apache Tomcat 5.5.9 Apache Tomcat 5.5.10 Apache Tomcat 5.5.11 Apache Tomcat 5.5.12 Apache Tomcat 5.5.13 Apache Tomcat 5.5.14 Apache Tomcat 5.5.15 Apache Tomcat 5.5.16 Apache Tomcat 5.5.17 Apache Tomcat 5.5.18 Apache Tomcat 5.5.19 Apache Tomcat 5.5.20

Apache Tomcat 5.5.11 up to and including 5.5.25 and 6.0.0 up to and including 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote malicious users to trigger handling of "a duplicate copy of one of the ...

Apache Tomcat 5.5.11 Apache Tomcat 5.5.12 Apache Tomcat 5.5.13 Apache Tomcat 5.5.14 Apache Tomcat 5.5.15 Apache Tomcat 5.5.16 Apache Tomcat 5.5.17 Apache Tomcat 5.5.18 Apache Tomcat 5.5.19 Apache Tomcat 5.5.20 Apache Tomcat 5.5.21 Apache Tomcat 5.5.22

Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 up to and including 5.5.26 and 6.0.0 up to and including 6.0.16 allows remote malicious users to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.

Apache Tomcat 5.5.9 Apache Tomcat 5.5.10 Apache Tomcat 5.5.11 Apache Tomcat 5.5.12 Apache Tomcat 5.5.13 Apache Tomcat 5.5.14 Apache Tomcat 5.5.15 Apache Tomcat 5.5.16 Apache Tomcat 5.5.17 Apache Tomcat 5.5.18 Apache Tomcat 5.5.19 Apache Tomcat 5.5.20

Cross-site scripting (XSS) vulnerability in the Host Manager Servlet for Apache Tomcat 6.0.0 to 6.0.13 and 5.5.0 to 5.5.24 allows remote malicious users to inject arbitrary HTML and web script via crafted requests, as demonstrated using the aliases parameter to an html/add action...

Apache Tomcat 5.5.0 Apache Tomcat 5.5.1 Apache Tomcat 5.5.2 Apache Tomcat 5.5.3 Apache Tomcat 5.5.4 Apache Tomcat 5.5.5 Apache Tomcat 5.5.6 Apache Tomcat 5.5.7 Apache Tomcat 5.5.8 Apache Tomcat 5.5.9 Apache Tomcat 5.5.10 Apache Tomcat 5.5.11

1 EDB exploit

The autodeployment process in Apache Tomcat 5.5.0 up to and including 5.5.28 and 6.0.0 up to and including 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote malicious users to bypass intended authentication requ...

Apache Tomcat 5.5.0 Apache Tomcat 5.5.1 Apache Tomcat 5.5.2 Apache Tomcat 5.5.3 Apache Tomcat 5.5.4 Apache Tomcat 5.5.5 Apache Tomcat 5.5.6 Apache Tomcat 5.5.7 Apache Tomcat 5.5.8 Apache Tomcat 5.5.9 Apache Tomcat 5.5.10 Apache Tomcat 5.5.11

Directory traversal vulnerability in Apache Tomcat 5.5.0 up to and including 5.5.28 and 6.0.0 up to and including 6.0.20 allows remote malicious users to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.

Apache Tomcat 5.5.0 Apache Tomcat 5.5.1 Apache Tomcat 5.5.2 Apache Tomcat 5.5.3 Apache Tomcat 5.5.4 Apache Tomcat 5.5.5 Apache Tomcat 5.5.6 Apache Tomcat 5.5.7 Apache Tomcat 5.5.8 Apache Tomcat 5.5.9 Apache Tomcat 5.5.10 Apache Tomcat 5.5.11

Directory traversal vulnerability in Apache Tomcat 5.5.0 up to and including 5.5.28 and 6.0.0 up to and including 6.0.20 allows remote malicious users to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat ...

Apache Tomcat 5.5.0 Apache Tomcat 5.5.1 Apache Tomcat 5.5.2 Apache Tomcat 5.5.3 Apache Tomcat 5.5.4 Apache Tomcat 5.5.5 Apache Tomcat 5.5.6 Apache Tomcat 5.5.7 Apache Tomcat 5.5.8 Apache Tomcat 5.5.9 Apache Tomcat 5.5.10 Apache Tomcat 5.5.11

Apache Tomcat 5.5.0 up to and including 5.5.29, 6.0.0 up to and including 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote malicious users to cause a denial of service (application outage) or obtain sensitive information via...

Apache Tomcat 5.5.0 Apache Tomcat 5.5.1 Apache Tomcat 5.5.2 Apache Tomcat 5.5.3 Apache Tomcat 5.5.4 Apache Tomcat 5.5.5 Apache Tomcat 5.5.6 Apache Tomcat 5.5.7 Apache Tomcat 5.5.8 Apache Tomcat 5.5.9 Apache Tomcat 5.5.10 Apache Tomcat 5.5.11

Apache Tomcat 5.5.0 up to and including 5.5.29 and 6.0.0 up to and including 6.0.26 might allow remote malicious users to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading t...

Apache Tomcat 5.5.0 Apache Tomcat 5.5.1 Apache Tomcat 5.5.2 Apache Tomcat 5.5.3 Apache Tomcat 5.5.4 Apache Tomcat 5.5.5 Apache Tomcat 5.5.6 Apache Tomcat 5.5.7 Apache Tomcat 5.5.8 Apache Tomcat 5.5.9 Apache Tomcat 5.5.10 Apache Tomcat 5.5.11

1 EDB exploit

1 2 3 4 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook